-
Notifications
You must be signed in to change notification settings - Fork 166
170 lines (147 loc) · 7.92 KB
/
check-pr.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
name: check-pr
on:
pull_request:
jobs:
build:
runs-on: [ ubuntu-24.04 ]
steps:
- name: checkout v4
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Set the defaults and set up environment
run: |
echo NGINX_CONFIGURE_CMD="auto/configure --prefix=/tmp --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-mail --with-mail_ssl_module --with-select_module --with-poll_module --with-http_auth_request_module --with-http_v2_module --with-http_slice_module --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module --with-stream_realip_module --with-threads --with-cpp_test_module --with-compat --with-http_degradation_module --with-http_xslt_module --with-http_image_filter_module --with-http_perl_module --with-http_geoip_module --with-stream_geoip_module" >> $GITHUB_ENV
export DEB_BUILD_MAINT_OPTIONS="hardening=+all"
export DEB_CFLAGS_MAINT_APPEND="-fPIC"
export DEB_LDFLAGS_MAINT_APPEND=""-Wl,--as-needed""
echo CC_OPT=$(dpkg-buildflags --get CFLAGS) >> $GITHUB_ENV
echo LD_OPT=$(dpkg-buildflags --get LDFLAGS) >> $GITHUB_ENV
echo MAKE_UTILITY=make >> $GITHUB_ENV
- name: Install build dependencies
run: |
sudo apt-get update
sudo apt-get install \
libssl-dev zlib1g-dev libpcre2-dev libxslt1-dev libgeoip-dev \
libgd-dev libxml2-dev libedit-dev libperl-dev libtest-harness-perl \
libgd-perl libgeoip-dev expect
- name: Install x86 build dependencies
run: |
sudo dpkg --add-architecture i386
sudo apt-get update
sudo apt-get install -y gcc-multilib libc6:i386 libpcre2-dev:i386 zlib1g-dev:i386
- name: Check out nginx
run: |
git clone https://github.com/nginx/nginx nginx-source
- name: Check out nginx tests
run: |
git clone https://github.com/nginx/nginx-tests
- name: Check out and build quickjs
run: |
git clone https://github.com/bellard/quickjs
cd quickjs
CFLAGS=$CC_OPT LDFLAGS=$LD_OPT $MAKE_UTILITY -j$(nproc) libquickjs.a
- name: Configure and make njs
run: |
./configure \
--cc-opt="$CC_OPT" \
--ld-opt="$LD_OPT" \
|| cat build/autoconf.err
$MAKE_UTILITY -j$(nproc)
- name: Test njs
run: |
$MAKE_UTILITY test
$MAKE_UTILITY clean
- name: Configure and make njs, 32-bit
run: |
./configure \
--cc-opt="$CC_OPT -m32" \
--ld-opt="$LD_OPT" \
|| cat build/autoconf.err
$MAKE_UTILITY -j$(nproc)
- name: Test njs, 32-bit
run: |
$MAKE_UTILITY test
$MAKE_UTILITY clean
- name: Configure and make njs with quickjs
run: |
./configure \
--with-quickjs \
--cc-opt="$CC_OPT -Iquickjs" \
--ld-opt="$LD_OPT -Lquickjs" \
|| cat build/autoconf.err
$MAKE_UTILITY -j$(nproc)
- name: Test njs with quickjs
run: |
$MAKE_UTILITY test
$MAKE_UTILITY clean
- name: Configure and build nginx and njs modules
run: |
cd nginx-source
$NGINX_CONFIGURE_CMD --with-cc-opt="$CC_OPT" --with-ld-opt="$LD_OPT" --add-dynamic-module=../nginx || cat objs/autoconf.err
$MAKE_UTILITY -j$(nproc) modules
$MAKE_UTILITY -j$(nproc)
- name: Test njs modules
run: |
ulimit -c unlimited
prove -v -j$(nproc) -Inginx-tests/lib --state=save nginx/t . || prove -v -Inginx-tests/lib --state=failed
env:
TEST_NGINX_BINARY: "${{ github.workspace }}/nginx-source/objs/nginx"
TEST_NGINX_GLOBALS: "load_module ${{ github.workspace }}/nginx-source/objs/ngx_http_js_module.so; load_module ${{ github.workspace }}/nginx-source/objs/ngx_stream_js_module.so;"
TEST_NGINX_VERBOSE: 1
- name: Create LSAN suppression file
run: |
cat << EOF > lsan_suppressions.txt
leak:ngx_event_process_init
EOF
- name: Configure and build nginx and njs modules with quickjs, asan, static modules
run: |
cd nginx-source
$NGINX_CONFIGURE_CMD --with-cc-opt="$CC_OPT -I${{ github.workspace }}/quickjs -fsanitize=address -DNJS_DEBUG_MEMORY -DNGX_DEBUG_PALLOC -DNGX_DEBUG_MALLOC" --with-ld-opt="$LD_OPT -L${{ github.workspace }}/quickjs -fsanitize=address" --add-module=../nginx || cat objs/autoconf.err
$MAKE_UTILITY -j$(nproc)
- name: Test njs modules, static modules
run: |
ulimit -c unlimited
prove -v -j$(nproc) -Inginx-tests/lib --state=save nginx/t . || prove -v -Inginx-tests/lib --state=failed
env:
TEST_NGINX_BINARY: "${{ github.workspace }}/nginx-source/objs/nginx"
TEST_NGINX_VERBOSE: 1
ASAN_OPTIONS: "detect_odr_violation=0:report_globals=0"
LSAN_OPTIONS: "suppressions=${{ github.workspace }}/lsan_suppressions.txt"
- name: Test njs modules (js_engine qjs), static modules
run: |
ulimit -c unlimited
prove -v -j$(nproc) -Inginx-tests/lib --state=save nginx/t . || prove -v -Inginx-tests/lib --state=failed
env:
TEST_NGINX_BINARY: "${{ github.workspace }}/nginx-source/objs/nginx"
TEST_NGINX_GLOBALS_HTTP: "js_engine qjs;"
TEST_NGINX_GLOBALS_STREAM: "js_engine qjs;"
TEST_NGINX_VERBOSE: 1
ASAN_OPTIONS: "detect_odr_violation=0:report_globals=0"
LSAN_OPTIONS: "suppressions=${{ github.workspace }}/lsan_suppressions.txt"
- name: Configure and build nginx and njs modules with quickjs, asan, dynamic modules
run: |
cd nginx-source
$NGINX_CONFIGURE_CMD --with-debug --with-cc-opt="$CC_OPT -I${{ github.workspace }}/quickjs -fsanitize=address -DNJS_DEBUG_MEMORY -DNGX_DEBUG_PALLOC -DNGX_DEBUG_MALLOC" --with-ld-opt="$LD_OPT -L${{ github.workspace }}/quickjs -fsanitize=address" --add-dynamic-module=../nginx || cat objs/autoconf.err
$MAKE_UTILITY -j$(nproc) modules
$MAKE_UTILITY -j$(nproc)
- name: Test njs modules, dynamic modules
run: |
ulimit -c unlimited
prove -v -j$(nproc) -Inginx-tests/lib --state=save nginx/t . || prove -v -Inginx-tests/lib --state=failed
env:
TEST_NGINX_BINARY: "${{ github.workspace }}/nginx-source/objs/nginx"
TEST_NGINX_GLOBALS: "load_module ${{ github.workspace }}/nginx-source/objs/ngx_http_js_module.so; load_module ${{ github.workspace }}/nginx-source/objs/ngx_stream_js_module.so;"
TEST_NGINX_VERBOSE: 1
ASAN_OPTIONS: "detect_odr_violation=0:report_globals=0:fast_unwind_on_malloc=0"
LSAN_OPTIONS: "suppressions=${{ github.workspace }}/lsan_suppressions.txt"
- name: Test njs modules (js_engine qjs), dynamic modules
run: |
ulimit -c unlimited
prove -v -j$(nproc) -Inginx-tests/lib --state=save nginx/t . || prove -v -Inginx-tests/lib --state=failed
env:
TEST_NGINX_BINARY: "${{ github.workspace }}/nginx-source/objs/nginx"
TEST_NGINX_GLOBALS: "load_module ${{ github.workspace }}/nginx-source/objs/ngx_stream_js_module.so; load_module ${{ github.workspace }}/nginx-source/objs/ngx_http_js_module.so;"
TEST_NGINX_GLOBALS_HTTP: "js_engine qjs;"
TEST_NGINX_GLOBALS_STREAM: "js_engine qjs;"
TEST_NGINX_VERBOSE: 1
ASAN_OPTIONS: "detect_odr_violation=0:report_globals=0:fast_unwind_on_malloc=0"
LSAN_OPTIONS: "suppressions=${{ github.workspace }}/lsan_suppressions.txt"